Identification of Internet of Things (Iot) Attacks Using Gradient Boosting: A Cross Dataset Approach

IoT attacks have become very common in recent years, especially during pandemic times when
most activity takes place online. These attacks involve theft of data and complete or partial
blocking of access to various devices, creating an emergency at various locations. These attacks/
attackers can be found in various forms on the internet. With that being said, the aim of
this study is to identify ‘IoT attacks’ and ‘DDoS attacks’ using three different datasets, namely
BoT-IoT, IoT-23, and the Canadian Institute of Cyber Security-Distributed Denial of Service-
2019 (CIC-DDoS2019). BoT-IoT and IoT23 datasets are utilized in experiment I and II for
identifying IoT attacks. BoT-IoT dataset will be used for training in Experiment I, and the
testing will be done by IoT-23 dataset. Experiment II is conducted in the reverse order of the
datasets. Experiment III was conducted to identify DDoS attacks in the CIC-DDoS2019 dataset
on two different days. Training and testing were done in all experiments using two gradient
boosting techniques, namely Extreme Gradient Boosting (XGB) and Light Gradient Boosting
Method (LGBM), and their performance was compared with that of the Cascaded Deep Forest
(CDF). Feature extraction and selection (FES) is done using two established methods: principal
component analysis (PCA) and analysis of variance (ANOVA). The accuracy achieved with
the boosting methods is at least 16% higher than that achieved with CDF. Boosting algorithms
are at least 240 times faster than CDF. Among the two boosting algorithms, the execution time
of LGBM is the lowest; it is executed in 54 seconds or less and has an accuracy of up to 94.79%